<?php
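/**
 * Records a rating for a photo from the request parameters `idPhoto` and
 * `rating`, then redirects back to the photo anchor.
 *
 * TODO (still open):
 *  - NOTE(review): this is a state-changing action driven by GET parameters.
 *    It should move to POST with an anti-CSRF token; that cannot be done from
 *    this file alone because the calling form is not visible here.
 *  - NOTE(review): nothing here stops the same user from rating a photo more
 *    than once. Confirm whether addRating() or the schema enforces uniqueness.
 *  - NOTE(review): $user comes from includes/setUp.php. Confirm that it is
 *    always an authenticated user at this point.
 */
chdir('../');

require('includes/setUp.php');

try {

  // Request parameters are untrusted: require both and reject arrays or
  // non-numeric ratings before they reach arithmetic or the database layer.
  $idPhoto = isset($_GET['idPhoto']) ? $_GET['idPhoto'] : null;
  $rawRating = isset($_GET['rating']) ? $_GET['rating'] : null;

  if (!is_string($idPhoto) || $idPhoto === '')
    throw new InvalidArgumentException(T_('Invalid photo.'));

  if (!is_string($rawRating) || !is_numeric($rawRating))
    throw new InvalidArgumentException(T_('Invalid rating.'));

  // Normalise to int/float so the average below is computed on a number.
  // NOTE(review): the allowed rating scale is not visible in this file.
  // Enforce min/max here once confirmed; without bounds a single request can
  // skew AverageRating arbitrarily.
  $ratingValue = $rawRating + 0;

  $photo = $db->find('Photo', $idPhoto);

  // An unknown id must not fall through to property access on a non-object.
  if (!$photo)
    throw new InvalidArgumentException(T_('Invalid photo.'));

  // Authorise before touching the entity, and stop explicitly: whether
  // globalFunc::redirect() terminates the script is not visible here.
  if ($photo->Album->ProtectionName == 'private' && !$photo->Album->AllowedUsers->contains($user)) {
    globalFunc::redirect(WebRoot.'index.php?errMsg='.rawurlencode(T_('You can\'t rate that photo!')));
    exit;
  }

  // Running average: previous sum plus the new rating, over the new count.
  $previousTotal = $photo->RatingsCount * $photo->AverageRating;
  $photo->RatingsCount++;
  $photo->AverageRating = ($previousTotal + $ratingValue) / $photo->RatingsCount;

  $rating = new Rating();
  $rating->Rating = $ratingValue;
  $rating->User = $user;

  $photo->addRating($rating);

  $db->flush();

} catch (Exception $ex) {
  // NOTE(review): the raw exception message is placed in the redirect URL.
  // Persistence-layer errors could expose internal details this way; consider
  // logging $ex and showing a generic message instead.
  globalFunc::redirect(WebRoot.'index.php?errMsg='.rawurlencode($ex->getMessage()));
  // Do not continue to the success redirect, where $photo may be unset.
  exit;
}

globalFunc::redirect(null, '#'.$photo->idPhoto);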
?>
